German COVID-19 Contact-Tracing Vulnerability Allowed RCE

19 November 2020

A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE). Researcher Alvaro Muñoz wrote in a report this week that he and his team at GitHub Security Labs were chasing down RCE vulnerabilities on the platform and found one in the infrastructure supporting CWA for Android and OS.

Read full article on Threat Post

Date:

19 November 2020

Categorie(s):

NEWS

Tag(s):

COVID-19, CWA, German, Open Source, Web Security

GeoVision 0-Day Vulnerability Exploited in the Wild18 November 2024
Black Friday turning into Black Fraud Day, says UK cybersecurity chief18 November 2024
Navigating the compliance labyrinth: A CSO’s guide to scaling security18 November 2024
Transforming code scanning and threat detection with GenAI18 November 2024
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites18 November 2024